Skip to main content

How to Convert an OVA Image to an AWS EC2 Instance

1. Create an S3 Bucket to import the OVA Image.

2. Upload the OVA Image via the browser. (Pro Tip: If the OVA has a long and complicated name, rename it. Your going to be using the command line.)

3. Install the AWS CLI and Python onto your Laptop

https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html

4. Verify via CMS that python --version and pip --version is working and you get a response.

Example:
C:\Users\ubuntu.power>pip --version
pip 19.0.1 from c:\users\ubuntu.power\appdata\local\programs\python\python37-32\lib\site-packages\pip (python 3.7)

C:\Users\ubuntu.power>python --version
Python 3.7.2

FYI. You can also use PowerShell
https://docs.aws.amazon.com/powershell/latest/userguide/pstools-getting-set-up-windows.html

5. You will need your AWS Secret ID and Key from IAM. Generate a new one if you forgot it or haven't use it or just plain don't know it.

https://blog.migrationking.com/2019/03/how-to-quickly-setup-aws-cli-on-windows.html

Note: Make sure you can run an aws command like the following with output:

aws s3 ls

6. AWS Import/Export Guide:
https://docs.aws.amazon.com/vm-import/latest/userguide/vm-import-ug.pdf

7. Convert from an OVA File:

http://www.daniloaz.com/en/how-to-create-a-sentilo-aws-ec2-instance-from-an-ova-file/

8. In order to import the OVA file, you have to save it to a location on your local machine where you can point to the path from PowerShell (If you're on Linux, the location from your shell). Note: If your on Windows, use the C:\ Drive Path. 

 Professional Note: Use Notepad++ on Windows to create the file
https://notepad-plus-plus.org/

 9. trust-policy.json file

 {
   "Version":"2012-10-17",
   "Statement":[
      {
         "Sid":"",
         "Effect":"Allow",
         "Principal":{
            "Service":"vmie.amazonaws.com"
         },
         "Action":"sts:AssumeRole",
         "Condition":{
            "StringEquals":{
               "sts:ExternalId":"vmimport"
            }
         }
      }
   ]

}

10. role-policy.json file

{
 "Version":"2012-10-17",
 "Statement":[
 {
 "Effect":"Allow",
 "Action":[
 "s3:GetBucketLocation",
 "s3:GetObject",
 "s3:ListBucket"
 ],
 "Resource":[
 "arn:aws:s3:::disk-image-file-bucket",
 "arn:aws:s3:::disk-image-file-bucket/*"
 ]
 },
 {
 "Effect":"Allow",
 "Action":[
 "ec2:ModifySnapshotAttribute",
 "ec2:CopySnapshot",
 "ec2:RegisterImage",
 "ec2:Describe*"
 ],
 "Resource":"*"
 }
 ]
}

11. You import the policies from your machine using a local path. Drive Shares (e.g. Google Drive, etc seem to complain).

PS C:\Users\username> aws iam create-role --role-name vmimport --assume-role-policy-document file://C:\Users\username\Documents\AWS\s3\trust-policy.json

PS C:\Users\usernamet> aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://C:\Users\username\Documents\AWS\s3\role-policy.json

Page 14-15 of https://docs.aws.amazon.com/vm-import/latest/userguide/vm-import-ug.pdf

12. Create "containers.json" file.

[
  {
    "Description": "Bubba Lovey",
    "Format": "ova",
    "UserBucket": {
        "S3Bucket": "bubba-lab-lovey",
        "S3Key": "anykindofvm.ova"
    }
}]

13. aws ec2 import-image --description "FireEye CMS" --license-type BYOL --disk-containers file://C:\Users\username\Documents\AWS\s3\containers.json

NOTE: This is a Linux Image

 You can check the status of the running job by using the "ImportTaskID" that was provided when you kicked off the job:



This blog saved the day. Credit has to go to Daniel Lopez Azana!

http://www.daniloaz.com/en/how-to-create-a-sentilo-aws-ec2-instance-from-an-ova-file/

https://rzn.id.au/tech/converting-an-ova-to-an-amazon-ami/ (Helpful)







Popular posts from this blog

How to Login to AWS using CLI with AzureSSO through Azure Active Directory

Testing on Windows 10 Release 1909  Prerequisite (Install Visual Studio Code and the AWS CLI if you don't have it already installed and your Azure Active Directory is already configured and processing authentication) 1. Install Node.Js https://nodejs.org/en/ (Use the LTS Edition/Version) 2. Check the node version in PowerShell or Windows Terminal: node --version && npm --version 3. npm install -g aws-azure-login *install will take about 15-20 minutes. Be patient and let it finish.  4. Configure your profile aws-azure-login --configure --profile=<<Name of your profile>> Example:  aws-azure-login --configure --profile=migrationking Pro Tip: It installs the profile on your machine under ~/.aws/config . You can edit the file with Visual Studio Code or Notepad++ #This will prompt to Enter the Azure AD details *** Azure Tenant ID: << Enter the Azure AD Tenant ID from the Azure AD application configuration for the AWS Account to be accessed>> Azure Tenant I
Read more

How to Setup CAC/PIV Cards on Ubuntu Linux 20.04LTS

NOTE: Verified to work with PIV/CAC Cards NOTE: Do not use a Regular USB if you are traveling. Only use a Military Grade FIPS 140-2, Level 3 Certified Device. Do Not use that Fingerprint reader garbage. What if your finger got chopped off? Use a Pin you can easily remember because if you forget it, your VM and data on the USB will be toast and not recoverable.  NOTE: This tutorial is for a bare-metal Ubuntu Linux 20.04 LTS laptop, not a virtual machine. Make sure you encrypt your laptop during OS installation. Do NOT be an idiot and use the same encryption password as the OS login. https://www.amazon.com/iStorage-datAshur-PRO2-Secure-Encrypted/dp/B07VK7JTQT/ref=sr_1_1?dchild=1&keywords=istorage+datashur&qid=1625886216&sr=8-1 1. Purchase an ACS Smart Card reader (Manufacturer Code: ACR39U-N1) https://www.amazon.com/ACS-ACR39U-N1-Pocketmate-II/dp/B0758TS5JR https://www.acs.com.hk/en/products/426/acr39u-n1-pocketmate-ii-smart-card-reader-usb-type-a/ (PS/SC Drivers are located
Read more

How to Fix /storage/core filesystem Out of Disk Space Error on VCSA 6.0U1

How to fix the error of " The /storage/core filesystem is out of disk space or inodes" Step 1: Login to the new VCSA 6.0U1 HTML5 web client. https://ip address:5480 Step 2: Enable SSH and Bash Shell Step 3: Login as root and type "shell" at Command> shell Step 4: df -h (Check if it's out of space) /dev/mapper/core_vg-core               50G   50G     0 100% /storage/core Step 5: Stop the services of VCSA:  hostname: # service vmware-vpxd stop hostname: # service vmware-vpxd status (make sure it is stopped) Step 6:  cd /storage/core Step 7: rm -rf *.tgz ( be CAREFUL ...do this in the wrong directory and you will be retrieving from a backup .) If you need help. Go to Cybercity ( http://www.cyberciti.biz/faq/delete-all-files-folder-linux/ )  Step 8: service vmware-vpxd restart Step 9: history -c Step 10:  Refresh the browser (https://ip address:5480). Now it's all green VMware KB
Read more